Lucene search
K

2912 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/25 5:1 p.m.17 views

Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affects IBM Rational Functional Tester / DevOps Test UI

Summary There are vulnerabilities in Eclipse Jetty used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-8184 DESCRIPTION: There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote...

6.5CVSS6.8AI score0.01037EPSS
Exploits1Affected Software1
Snyk
Snyk
added 2026/05/22 1:44 p.m.9 views

Improper Validation of Specified Type of Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input in the API request handlers due to insufficient validation of user-supplied input. An attacker can cause the plugin process to crash by sending a specially crafted HTTP request to the PR...

5.3CVSS5.8AI score0.0025EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/20 5:48 p.m.11 views

Improper Validation of Specified Index, Position, or Offset in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Index, Position, or Offset in Input via the legacy GridFS file reader API. An attacker can cause a crash or leak process memory contents by supplying crafted documents with malformed file metadata to the...

6CVSS5.8AI score0.00281EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/20 3:35 p.m.15 views

Improper Validation of Unsafe Equivalence in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input in the CXF-RS or CXF-SOAP endpoints due to missing inbound filtering via setInFilterStartsWith. An attacker can execute arbitrary code and write files by injecting Camel-internal header...

9.8CVSS6.2AI score0.01425EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/19 7:54 p.m.10 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the skipGroup function. An attacker can cause a service crash by sending a crafted protobuf payload with a negative length in a length-delimited field inside a group, leading to an unchecked runtime...

8.7CVSS5.8AI score0.00055EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/19 3:47 p.m.11 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal due to the improper validation of annotations from org.opencontainers.image.title in pullArtifact methods in Registry and OCILayout. An attacker can manipulate this annotation to create a path that escapes the output...

8.1CVSS6.2AI score
Exploits0References2
Snyk
Snyk
added 2026/05/18 8:33 p.m.13 views

Improper Validation of Array Index

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:33 p.m.11 views

Improper Validation of Array Index

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:33 p.m.11 views

Improper Validation of Array Index

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:33 p.m.10 views

Improper Validation of Array Index

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:33 p.m.10 views

Improper Validation of Array Index

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:33 p.m.12 views

Improper Validation of Array Index

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 8:33 p.m.12 views

Improper Validation of Array Index

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 5:48 p.m.11 views

Improper Validation of Array Index

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

7.1CVSS5.9AI score0.00122EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 5:48 p.m.10 views

Improper Validation of Array Index

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS5.9AI score0.00122EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 5:48 p.m.13 views

Improper Validation of Array Index

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS5.9AI score0.00122EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 5:48 p.m.10 views

Improper Validation of Array Index

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS5.9AI score0.00122EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/18 5:48 p.m.8 views

Improper Validation of Array Index

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

7.1CVSS5.9AI score0.00122EPSS
Exploits0References3
OSV
OSV
added 2026/05/18 5:47 p.m.4 views

GHSA-363W-HVWH-W7M6 Budibase: CouchDB Reduce Injection via Unsanitized Calculation Parameter in V1 Views API

Security Advisory: CouchDB Reduce Injection via Unsanitized Calculation Parameter in V1 Views API Affected Software: Budibase Affected Component: packages/server/src/api/controllers/view/viewBuilder.ts, packages/server/src/api/routes/view.ts CWE: CWE-94 Improper Control of Generation of Code...

6.5CVSS6AI score0.00263EPSS
Exploits0References4
OSV
OSV
added 2026/05/18 6:9 a.m.11 views

BIT-GITLAB-2026-1184 Deserialization of Untrusted Data in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by uploading a specially crafted file due to improper validation...

7.5CVSS5.8AI score0.00331EPSS
Exploits0References4
Rows per page
Query Builder